tim johnston created JENKINS-13817: -------------------------------------- Summary: Jenkins Displays Accurev Password in Logs Key: JENKINS-13817 URL: https://issues.jenkins-ci.org/browse/JENKINS-13817 Project: Jenkins Issue Type: Bug Components: accurev Affects Versions: current Environment: windows Reporter: tim johnston Assignee: Scott Tatum
When an accurev command fails, it displays the users' password in plain text. You can see below that the password is properly obscured (with asterisks) when the authentication takes place. Unfortunately, the password is actually displayed in the fatal network error line. Note that I manually changed it to ^^^^ when I pasted the text into this bug report. Error text: Started by user anonymous Building remotely on TestReport in workspace D:\jenkins-slave\workspace\Test_Report_06_04_00_Budgeting_kvh223_WFOP_Macys_ora Purging workspace... Workspace purged. Setting ACCUREV_HOME to "D:\jenkins-slave\workspace" Authenticating with Accurev server... [Test_Report_06_04_00_Budgeting_kvh223_WFOP_Macys_ora] $ "C:\Program Files (x86)\AccuRev\bin\accurev.exe" login -H engaccurev:5051 tim.johnston ******** FATAL: network error - Can't connect to engaccurev.kronos.com for accurev: The operation completed successfully. Attempt to contact AccuRev server on engaccurev port 5051 failed. Giving up. AccuRev Error: 1 FATAL: login ("C:\Program Files (x86)\AccuRev\bin\accurev.exe" login -H engaccurev:5051 tim.johnston ^^^^^^^) failed with exit code 1 Archiving artifacts Recording test results Notifying upstream projects of job completion Finished: FAILURE -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jenkins-ci.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira